Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/040070-64b0-46f8-a360-02206303d713/1/5ZAclsdH6RYsrv5QFArlMhsjxXw.mft
File:                     5ZAclsdH6RYsrv5QFArlMhsjxXw.mft (raw, json)
Hash identifier:          uWHxOClfiVlZ4sfWD19Fyr4EA+XzR166aj+vlLkueek=
Subject key identifier:   EA:80:15:04:EE:11:2C:FC:6C:E1:FA:04:39:D8:56:99:23:77:00:C8
Authority key identifier: E5:90:1C:96:C7:47:E9:16:2C:AE:FE:50:14:0A:E5:32:1B:23:C5:7C
Certificate issuer:       /CN=e5901c96c747e9162caefe50140ae5321b23c57c
Certificate serial:       01974A7A72945D3A2A774E4719025D5CA687
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5ZAclsdH6RYsrv5QFArlMhsjxXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/040070-64b0-46f8-a360-02206303d713/1/5ZAclsdH6RYsrv5QFArlMhsjxXw.mft
Manifest number:          C7
Signing time:             Sat 07 Jun 2025 13:00:28 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:28 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:28 +0000
Files and hashes:         1: 5ZAclsdH6RYsrv5QFArlMhsjxXw.crl (hash: 6zo9aAjX7D6irQLRJnFWId59qZxInunXseea0GehpL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/040070-64b0-46f8-a360-02206303d713/1/5ZAclsdH6RYsrv5QFArlMhsjxXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/040070-64b0-46f8-a360-02206303d713/1/5ZAclsdH6RYsrv5QFArlMhsjxXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5ZAclsdH6RYsrv5QFArlMhsjxXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:72:94:5d:3a:2a:77:4e:47:19:02:5d:5c:a6:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5901c96c747e9162caefe50140ae5321b23c57c
        Validity
            Not Before: Jun  7 13:00:28 2025 GMT
            Not After : Jun  8 13:00:28 2025 GMT
        Subject: CN=ea801504ee112cfc6ce1fa0439d85699237700c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:08:21:d8:17:09:c4:5b:d2:9b:b5:0e:32:4f:
                    b9:8d:c6:30:c0:b7:df:72:c1:4c:86:83:dc:6a:e3:
                    f4:7e:ed:98:51:ea:21:61:e6:c2:1f:d4:3e:58:5a:
                    a7:66:06:50:cf:e4:89:03:59:4f:69:f5:80:34:fa:
                    fb:55:7a:72:e6:e2:fa:64:59:ed:05:d5:18:4d:91:
                    99:88:b9:e7:56:b8:7f:48:99:9d:46:7e:71:f4:54:
                    59:f2:19:61:52:cb:c0:30:4b:8a:8c:45:76:b9:fc:
                    6d:ae:1e:69:bb:c2:a1:34:19:c0:6f:75:26:52:81:
                    6d:52:d8:61:81:3c:9d:e2:ac:e4:f6:78:1d:f9:31:
                    3b:71:9f:cf:c5:3e:01:7c:43:a5:06:26:65:06:0a:
                    bc:6a:7b:be:6d:a5:48:d1:9b:1b:d4:7c:47:fc:77:
                    10:bc:d9:2c:0f:a9:32:5e:35:5a:56:8d:99:f2:09:
                    06:ad:ca:ff:f5:6b:6c:b0:c3:2b:99:88:93:29:00:
                    5f:4f:4b:14:ac:1b:18:90:11:e0:bb:33:ec:28:43:
                    bf:a8:ae:e8:57:3a:d5:14:7b:09:86:7a:9f:4e:71:
                    66:4f:7e:b5:72:02:23:f9:40:a5:ad:74:0c:6b:33:
                    df:1a:93:65:73:fd:ae:69:f5:52:96:89:3c:08:cb:
                    5e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:80:15:04:EE:11:2C:FC:6C:E1:FA:04:39:D8:56:99:23:77:00:C8
            X509v3 Authority Key Identifier:
                keyid:E5:90:1C:96:C7:47:E9:16:2C:AE:FE:50:14:0A:E5:32:1B:23:C5:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ZAclsdH6RYsrv5QFArlMhsjxXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/040070-64b0-46f8-a360-02206303d713/1/5ZAclsdH6RYsrv5QFArlMhsjxXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/040070-64b0-46f8-a360-02206303d713/1/5ZAclsdH6RYsrv5QFArlMhsjxXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:92:2f:e4:0b:49:67:21:fa:78:b5:42:74:ae:9e:11:c2:88:
         ca:37:f0:4c:8f:df:03:a5:b9:cf:1a:5e:4e:3f:93:db:43:e9:
         13:39:e0:06:70:16:ec:58:63:07:de:9e:a3:1f:22:8a:88:2b:
         b1:eb:44:f4:36:23:27:31:7a:df:73:42:1f:c1:bc:a1:35:3e:
         35:2a:7b:09:57:81:f6:17:da:74:ac:33:54:de:68:3a:81:7a:
         94:5a:5e:08:59:54:9d:b7:50:cd:1c:98:a1:18:b0:e4:7e:30:
         ba:2c:fb:be:71:b6:35:a6:aa:7e:c1:de:8d:b3:5e:ee:7e:96:
         7f:69:3c:4b:44:7b:58:2d:7e:0d:78:85:5b:21:0d:f7:e2:ce:
         e3:ed:0a:e6:72:39:21:07:a9:ce:3b:19:e0:61:ca:df:82:87:
         33:72:66:58:41:70:ef:8e:97:bd:4e:be:aa:fe:ca:86:6c:f3:
         1b:a0:cb:da:b5:19:3a:16:ed:62:cc:9f:d0:bf:ef:ad:4f:09:
         d1:9a:df:70:87:ca:63:58:89:06:59:1f:19:dd:5a:02:fe:f4:
         c7:30:ce:b5:00:17:a9:1d:cb:9a:c0:b7:46:fb:1f:ff:22:c5:
         84:ae:0a:2a:b2:db:d7:44:8e:ea:86:a5:5d:1a:92:f8:70:2e:
         c1:d4:c1:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKenKUXToqd05HGQJdXKaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1OTAxYzk2Yzc0N2U5MTYyY2FlZmU1MDE0MGFlNTMyMWIy
M2M1N2MwHhcNMjUwNjA3MTMwMDI4WhcNMjUwNjA4MTMwMDI4WjAzMTEwLwYDVQQD
EyhlYTgwMTUwNGVlMTEyY2ZjNmNlMWZhMDQzOWQ4NTY5OTIzNzcwMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwgh2BcJxFvSm7UOMk+5jcYwwLff
csFMhoPcauP0fu2YUeohYebCH9Q+WFqnZgZQz+SJA1lPafWANPr7VXpy5uL6ZFnt
BdUYTZGZiLnnVrh/SJmdRn5x9FRZ8hlhUsvAMEuKjEV2ufxtrh5pu8KhNBnAb3Um
UoFtUthhgTyd4qzk9ngd+TE7cZ/PxT4BfEOlBiZlBgq8anu+baVI0Zsb1HxH/HcQ
vNksD6kyXjVaVo2Z8gkGrcr/9WtssMMrmYiTKQBfT0sUrBsYkBHguzPsKEO/qK7o
VzrVFHsJhnqfTnFmT361cgIj+UClrXQMazPfGpNlc/2uafVSlok8CMte6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqAFQTuESz8bOH6BDnYVpkjdwDIMB8GA1UdIwQY
MBaAFOWQHJbHR+kWLK7+UBQK5TIbI8V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVpBY2xzZEg2UllzcnY1UUZBcmxNaHNqeFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wNDAwNzAtNjRiMC00NmY4LWEzNjAt
MDIyMDYzMDNkNzEzLzEvNVpBY2xzZEg2UllzcnY1UUZBcmxNaHNqeFh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wNDAwNzAtNjRiMC00NmY4LWEzNjAtMDIyMDYzMDNkNzEz
LzEvNVpBY2xzZEg2UllzcnY1UUZBcmxNaHNqeFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlpIv5AtJ
ZyH6eLVCdK6eEcKIyjfwTI/fA6W5zxpeTj+T20PpEzngBnAW7FhjB96eox8iiogr
setE9DYjJzF633NCH8G8oTU+NSp7CVeB9hfadKwzVN5oOoF6lFpeCFlUnbdQzRyY
oRiw5H4wuiz7vnG2NaaqfsHejbNe7n6Wf2k8S0R7WC1+DXiFWyEN9+LO4+0K5nI5
IQepzjsZ4GHK34KHM3JmWEFw746XvU6+qv7KhmzzG6DL2rUZOhbtYsyf0L/vrU8J
0ZrfcIfKY1iJBlkfGd1aAv70xzDOtQAXqR3LmsC3Rvsf/yLFhK4KKrLb10SO6oal
XRqS+HAuwdTBTA==
-----END CERTIFICATE-----